Check Android Updates!!! Vulnerabilities Allow Baseband Remote Code Execution
And You Thought That Exynos Modem Was Your Friend
Buckle down, this is a rough ride. Over the past few months, the Project Zero team at Google have reported 18 zero-day vulnerabilities affecting the Exynos modems found in many Android cellphones. All of the vulnerabilities have been given CVE designations, but all details about four of the 18 are being withheld until a fix is widely available. Those four allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and the only information the attacker needs is the phone number.
Baseband remote code execution vulnerabilities are rather nasty. They stem from the baseband software that runs your modem lacking the safeguards needed to prevent denial of service or code execution. The software can be updated, and has been in the past to resolve similar attacks. As this all takes place far below the user level, an attack can happen without any indication given to the user, not even a suspicious text or app appearing.
Unfortunately this requires the manufacturer, in this case Samsung, to create a fix and pass it on to providers, who then push it to their users. While many of us are more than capable of directly grabbing an Android update, some carriers only provide over-the-air updates and many users rely on them, assuming they ever actually acknowledge and apply said update.
The list of affected devices is long: Samsung’s S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A0 are all vulnerable, as are Vivo S16, S15, S6, X70, X60 and X30 series phones. The vulnerabilities also apply to any vehicles which use an Exynos modem in their entertainment systems. It is unclear just which vehicles those might be, but you can assume the updates will be even slower in coming.
Google have fixed the vulnerabilities in the Pixel 6 and Pixel 7 series, but don’t celebrate your choice until you read the first story below the fold.
Until security updates are available, users who wish to protect themselves from the four Internet-to-baseband remote code execution vulnerabilities in Samsung’s Exynos chipsets can turn off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings. Turning off these settings will remove the exploitation risk of these four severe vulnerabilities.
More Tech News From Around The Web
- Google Pixel flaw allowed recovery of redacted, cropped images @ Bleeping Computer
- Cosmic rays more likely to glitch out water-cooled computers @ The Register
- UNIX co-creator Ken Thompson is a… what user now? @ The Register
- ASUS Unveils the Tinker V As Their First RISC-V Board @ Slashdot
- Fighting VPN criminalization should be Big Tech’s top priority, activists say @ Ars Technica
- Online-Books Lawsuit Tests Limits of Libraries in Digital Age @ Slashdot
- Crazy Small Router Firewall and Virtualization Node iKoolCore R1 Review 4x 2.5GbE @ ServeTheHome
- AVerMedia Mingle Bar @ TechPowerUp
- Deye SUN600G3 and Bosswerk MI600 Firmware Update Guide @ FunkyHome
- Quick Look: Autonomous SmartDesk Connect @ TechPowerUp
- eufy P2 Pro Smart Scale Review @ NikKTech